package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.security.SecurityContext;
import com.ibm.ejs.security.util.Constants;
import com.ibm.etools.webapplication.WebApp;
import java.io.IOException;
import java.util.Enumeration;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.xerces.validators.schema.SchemaSymbols;

/* loaded from: input_file:lib/security.jarcom/ibm/ws/security/web/FormLogoutServlet.class */
public class FormLogoutServlet extends HttpServlet {
    private static TraceComponent tc;
    protected static String DEFAULT_LOGOUT_MSG;
    private WebAttributes _webAttrs = null;
    private String _authMechanism = null;
    boolean _securityEnabled = false;
    static Class class$com$ibm$ws$security$web$FormLogoutServlet;

    public void init(ServletConfig servletConfig) throws ServletException {
        super/*javax.servlet.GenericServlet*/.init(servletConfig);
        this._securityEnabled = SecurityContext.isSecurityEnabled();
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("int, securityEnabled[").append(this._securityEnabled).append("]").toString());
        }
        if (this._securityEnabled) {
            try {
                WebApp webApp = getServletContext().getWebAppContext().getConfiguration().getWebApp();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Create WebAttributes for this webApp.");
                }
                this._webAttrs = new WebAttributes(webApp);
                if (this._webAttrs == null) {
                    Tr.error(tc, Constants.nls.getString("security.web.form.noWebAppInfo", "Error getting the web app information for form login"));
                } else {
                    this._authMechanism = this._webAttrs.getAuthMechanism();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("securityEnabled[").append(this._securityEnabled).append("] ").append("authMachism[").append(this._authMechanism).append("]").toString());
                    }
                }
            } catch (Exception e) {
                Tr.error(tc, Constants.nls.getString("security.web.form.noWebAppInfo", "Error getting the web app information for form login"), e);
            }
        }
    }

    public void destroy() {
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (this._securityEnabled) {
            formLogout(httpServletRequest, httpServletResponse);
        }
    }

    private void formLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "formLogout");
        }
        if (this._authMechanism.equals("LTPA")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "LTPA Enabled, clearing LTPA Cookie");
            }
            Cookie cookie = new Cookie(this._webAttrs.getLTPACookieName(), "");
            this._webAttrs.copyInto(cookie);
            cookie.setMaxAge(0);
            httpServletResponse.addCookie(cookie);
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "LTPA and SSO NOT Enabled");
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "invalidating existing HTTP Session");
            }
            session.invalidate();
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Existing HTTP Session does not exist, nothing to invalidate");
        }
        if (tc.isDebugEnabled()) {
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                Tr.debug(tc, new StringBuffer().append("paramName:").append(str).toString());
                String[] parameterValues = httpServletRequest.getParameterValues(str);
                if (parameterValues.length == 1) {
                    String str2 = parameterValues[0];
                    if (str2.length() == 0) {
                        Tr.debug(tc, "paramValue:No Value");
                    } else {
                        Tr.debug(tc, new StringBuffer().append("paramValue:").append(str2).toString());
                    }
                } else {
                    for (String str3 : parameterValues) {
                        Tr.debug(tc, new StringBuffer().append("paramValue:").append(str3).toString());
                    }
                }
            }
        }
        String parameter = httpServletRequest.getParameter("logoutExitPage");
        if (parameter == null || parameter.length() == 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No logoutExitPage specified");
            }
            httpServletResponse.getWriter().println(DEFAULT_LOGOUT_MSG);
        } else {
            String property = System.getProperty("com.ibm.websphere.sendredirect.compliance");
            boolean z = property != null ? property.equals("1") || property.equalsIgnoreCase(SchemaSymbols.ATTVAL_TRUE) : false;
            String contextPath = httpServletRequest.getContextPath();
            if (parameter != null && parameter.startsWith("/") && contextPath != null && !contextPath.equals("/") && z) {
                parameter = new StringBuffer().append(contextPath).append(parameter).toString();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("logoutExitPage specified, redirecting to:").append(parameter).toString());
            }
            httpServletResponse.sendRedirect(parameter);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "formLogout");
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$web$FormLogoutServlet == null) {
            cls = class$("com.ibm.ws.security.web.FormLogoutServlet");
            class$com$ibm$ws$security$web$FormLogoutServlet = cls;
        } else {
            cls = class$com$ibm$ws$security$web$FormLogoutServlet;
        }
        tc = Tr.register(cls);
        DEFAULT_LOGOUT_MSG = "<!DOCTYPE HTML PUBLIC \"-//W3C/DTD HTML 4.0 Transitional//EN\"><HTML><TITLE>Default Logout Exit Page</TITLE><BODY><H2>Successful Logout</H2></BODY></HTML>";
    }
}
